On October 29, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have credible information of an imminent and increased cybercrime threat to healthcare providers. The increased threat is a result of new tools cybercriminal and ransomware attackers have developed tools to increase the ease and speed of ransomware attacks on your practice, so it is more important than ever to make sure your practice is protected from cybercrime and ransomware.
In the current COVID-19 pandemic healthcare providers are already struggling to treat patients, so there is no time to lose access to patient information. With the increased cybercrime threat healthcare providers must make sure they have a plan in place to protect them against the threat of cybersecurity. We have gathered a list of best practices that your practice can implement to protect against the threat of cybercrime and ransomware:
Make sure you have an offline data backup solution. Your data backup solution should be offline, so the hacker is unable to delete backup files. This will prevent your practice from needing to pay a ransom for your data in the case of a breach since you already have the data accessible to your organization offline.
Cyber Incident Response Plan
When a breach happens, it can be helpful to have an incident response team to deal with each step of the response so that your practice does not have to take time away from the patients. The incident response team can conduct a forensic investigation, deal with ongoing incident management, and execute HIPAA breach resolution protocols.
Most attackers target uninformed users; therefore it is important to train your employees to make them aware of threats and how they are delivered.
PCIHIPAA’s OfficeSafe platform is your all in one solution to help protect and prepare your practice for cybercrime. The OfficeSafe platform includes data encrypted backup, an incident response team, employee training, a $500,000 Cyber Liability Program and many other solutions to make sure that your practice is protected. Call today so we can help you prepare an incident response plan.